Encryption is a form of cryptography, the purpose of which is the process of transforming information into a different – ‘hashed’ – format in order to prevent unwanted access to this information. This transformation can be brought about in various ways by means of different cryptographic algorithms. Encryption plays an important role in securely sending and storing data. End to end encryption entails that no third parties can decipher the message encrypted, as is possible in encryption in transit, where the information is encrypted, deciphered on a server and then encrypted again. Both end to end and in transit encryption require keys to decipher the hashed text back into clear text.
Often encryption involves tradeoffs between making sure the data is safe, and other important features of data transfer, such as useability or computing power. For example, encryption can get in the way of providing access to the data to the right parties in the right circumstances, think here of healthcare providers or researchers for instance. Also, lightweight smart devices that communicate wirelessly, for instance wearables that are used in a Body Area Network, are often not big or powerful enough to be able to make complex calculations required in modern cryptography. For such purposes, lightweight cryptography has been developed.
The GDPR requires that controllers and processors “implement appropriate technical and organisational measures” to secure personal data, leaving it open just in what way they accomplish this.